The Identity & Access Management (IAM) solution enables seamless and secure access to corporate information and applications from virtually any location and device. It provides corporate users with a single identity, offering them a consistent experience both on-premises and from remote locations, across both trusted and untrusted endpoints.

• DirectAccess, built into Windows 7 and Windows Server 2008 R2, provides always-on, secure and seamless access to data and applications from trusted Windows 7 clients.
• Microsoft Forefront Unified Access Gateway (UAG) enables simplified secure remote access from endpoints using older versions of Windows or other operating systems and extends access to internal resources from untrusted endpoints as well.
• The SSL-VPN capability of UAG enables identity-centric, policy-based granular access and security with endpoint integrity checks.

The IAM solution allows businesses to securely collaborate with partners and customers without users having to exchange private information. It enables users to move seamlessly between applications across the enterprise and other organizations through consistent, persistent identity and credentials.

• Active Directory Federation Services provides consistent, persistent identity and credentials that can flow between organizations, which helps reduce the need to manage multiple user accounts or group memberships.
• Forefront Identity Manager (FIM) integrates with Windows client and server to apply a rational, policy-based, and automated framework to each user’s identity, enabling end-users to manage their own identities, group memberships, and passwords.
• The IAM solution helps extend single sign-on from an on-premises directory, such as Active Directory, to cloud services, such as those offered by Microsoft Windows Live or other managed providers.

The IAM solution automates the entire identity life-cycle management process to reduce inefficiencies and hidden costs. It enables administrators to apply policies consistently across the enterprise by centrally managing access to applications. To help meet regulatory requirements, IAM provides simplified management of identities, credentials, groups, policies, and resources:

• The workflow-driven approval process in FIM enables self-service management of group memberships through controls presented in Microsoft Office Outlook and SharePoint.
• Microsoft Forefront Identity Manager streamlines and simplifies secure authentication and authorization for remote access via integrated certificates and smart cards management.
• The policy-based management system in FIM improves control over users’ identity life cycle, and protects corporate assets against misuse as users move between roles or leave the organization.